CVE Alert: CVE-2024-8804
Vulnerability Summary: CVE-2024-8804 The Code Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's script embed...
Month: October 2024
HackerOne Bug Bounty Disclosure: idor-at-mtnmobad-mtnbusiness-com-ng-leads-to-pii-leakage-hazemhussien
Company Name: MTN Group Company HackerOne URL: https://hackerone.com/mtn_group Submitted By:hazemhussien99Link to Submitters Profile:https://hackerone.com/hazemhussien99 Report Title:IDOR at mtnmobadmtnbusinesscomng leads to PII...
HackerOne Bug Bounty Disclosure: reflected-xss-in-hxxps-nin-mtn-ng-nin-success-message-lol-nin-vulnerable-hazemhussien
Company Name: MTN Group Company HackerOne URL: https://hackerone.com/mtn_group Submitted By:hazemhussien99Link to Submitters Profile:https://hackerone.com/hazemhussien99 Report Title:Reflected XSS in hXXps://ninmtnng/nin/success?message=lol&nin=Report Link:https://hackerone.com/reports/2039384Date Submitted:05...
[HUNTERS] – Ransomware Victim: Ibermutuamur
Ransomware Group: HUNTERS VICTIM NAME: Ibermutuamur NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2024-9071
Vulnerability Summary: CVE-2024-9071 The Easy Demo Importer – A Modern One-Click Demo Import Solution plugin for WordPress is vulnerable to...
CVE Alert: CVE-2024-9435
Vulnerability Summary: CVE-2024-9435 The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys...
CVE Alert: CVE-2024-6444
Vulnerability Summary: CVE-2024-6444 No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c. Affected Endpoints: No affected...
CVE Alert: CVE-2024-6443
Vulnerability Summary: CVE-2024-6443 In utf8_trunc in zephyr/lib/utils/utf8.c, last_byte_p can point to one byte before the string pointer if the string...
CVE Alert: CVE-2024-9306
Vulnerability Summary: CVE-2024-9306 The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in...
CVE Alert: CVE-2024-9481
Vulnerability Summary: CVE-2024-9481 An out-of-bounds write in the engine module in AVG/Avast Antivirus signature
CVE Alert: CVE-2024-8499
Vulnerability Summary: CVE-2024-8499 The Checkout Field Editor (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
CVE Alert: CVE-2024-9271
Vulnerability Summary: CVE-2024-9271 The Re:WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all...
CVE Alert: CVE-2024-9483
Vulnerability Summary: CVE-2024-9483 A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature
CVE Alert: CVE-2024-9482
Vulnerability Summary: CVE-2024-9482 An out-of-bounds write in the engine module in AVG/Avast Antivirus signature
[CLOP] – Ransomware Victim: HARTSON-KENNEDY[.]COM
Ransomware Group: CLOP VICTIM NAME: HARTSON-KENNEDYCOM NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[KILLSEC] – Ransomware Victim: betterhalf[.]ai
Ransomware Group: KILLSEC VICTIM NAME: betterhalfai NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Cobalt Strike Beacon Detected – 118[.]31[.]16[.]216:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 1[.]94[.]52[.]236:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
[RANSOMHUB] – Ransomware Victim: omniboxx[.]nl
Ransomware Group: RANSOMHUB VICTIM NAME: omniboxxnl NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[HUNTERS] – Ransomware Victim: BNBuilders
Ransomware Group: HUNTERS VICTIM NAME: BNBuilders NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Posh C2 Detected – 3[.]109[.]173[.]1:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
CVE Alert: CVE-2024-9514
Vulnerability Summary: CVE-2024-9514 A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been declared as critical. This vulnerability...
CVE Alert: CVE-2024-9484
Vulnerability Summary: CVE-2024-9484 An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature
CVE Alert: CVE-2024-9515
Vulnerability Summary: CVE-2024-9515 A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been classified as critical. This affects...
